Xen Insecure Temporary File Lets Local Users Truncate Files
SecurityTracker Alert ID: 1018859
SecurityTracker URL: http://securitytracker.com/id?1018859
CVE Reference: CVE-2007-3919
Date: Oct 25 2007
Impact: Denial of service via local system, Modification of system information, Modification of user information
Exploit Included: Yes
Version(s): 3.x, 3.1
Description: A vulnerability was reported in Xen. A local user can truncate files on the target system.

The Xen administrative tools (xen-utils) use temporary files ('/tmp/xenq-shm') in an insecure manner. A local user can exploit this to cause arbitrary files on the target system to be truncated when 'xenbaked' or 'xenmon.py' is invoked by the root user.

Steve Kemp reported this vulnerability.
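
The description above, worked as an added example (not code from Xen or from the advisory): it assumes the usual mechanism for this class of bug, a symbolic link already present at the predictable name, and that the tool opens the path with create/truncate flags. The names open_naive, open_hardened and demo are hypothetical, and a scratch directory stands in for /tmp.

```python
import os
import stat
import tempfile

SHM_NAME = "xenq-shm"  # file name from the advisory; the directory is a parameter


def open_naive(path):
    """Assumed vulnerable pattern: create/truncate whatever the path resolves to."""
    return os.open(path, os.O_RDWR | os.O_CREAT | os.O_TRUNC, 0o600)


def open_hardened(path):
    """Create the file fresh, or reuse it only if it is our own regular file."""
    flags = os.O_RDWR | os.O_NOFOLLOW | getattr(os, "O_CLOEXEC", 0)
    try:
        # O_EXCL fails if anything, including a symlink, already exists at path.
        return os.open(path, flags | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        pass
    # Existing entry: O_NOFOLLOW rejects a symlink (ELOOP); no O_TRUNC yet.
    fd = os.open(path, flags)
    st = os.fstat(fd)
    if not stat.S_ISREG(st.st_mode) or st.st_uid != os.geteuid() or st.st_nlink != 1:
        os.close(fd)
        raise PermissionError(f"refusing to reuse {path}: not a private regular file")
    os.ftruncate(fd, 0)  # truncate only after the descriptor has been verified
    return fd


def demo():
    """Constructed scenario in a private scratch directory standing in for /tmp."""
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "victim.conf")
        with open(victim, "w") as f:
            f.write("important data\n")
        shm = os.path.join(tmp, SHM_NAME)
        os.symlink(victim, shm)  # link already present at the predictable name

        try:
            os.close(open_hardened(shm))
            refused = False
        except OSError:
            refused = True
        size_after_hardened = os.path.getsize(victim)

        os.close(open_naive(shm))  # follows the link and truncates its target
        size_after_naive = os.path.getsize(victim)
    return refused, size_after_hardened, size_after_naive
```

Where the file does not need a fixed name, tempfile.mkstemp or a directory writable only by root avoids the shared, world-writable location altogether.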
Impact: A local user can cause arbitrary files to be truncated on the target system.
Solution: No solution was available at the time of this entry.
Vendor URL: www.xensource.com/
Cause: Access control error, State error
Underlying OS: Linux (Any), UNIX (Any)

Message History:
This archive entry has one or more follow-up message(s) listed below.

Source Message Contents
Date: Thu, 25 Oct 2007 12:35:21 -0400
Subject: xen-utils

CVE-2007-3919